nextjs-turborepo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill includes code that fetches and renders data from public third‑party endpoints and CDNs (e.g., fetch('https://api.example.com/posts/...') and comments endpoints, Script components loading https://www.googletagmanager.com/gtag/js, https://connect.facebook.net/... and the jsdelivr RemixIcon CDN), which demonstrates the agent would ingest and display open/public (potentially user‑generated or untrusted) content as part of its workflow.